We have released LibreSSL 2.7.5, a stable update for the
2.7.x series. It contains the following changes:
* Fixed warnings about clock_gettime on Windows Visual Studio builds.
* Fixed CMake builds on systems where getpagesize is defined as an
inline function.
* Fixed manpage installation on case-insensitive filesystems.
* Added a blinding value when generating DSA and ECDSA signatures, in
order to reduce the possibility of a side-channel attack leaking the
private key.
* Fixed a non-uniformity in getentropy(2) emulation where a block of
all zeroes would be discarded.
The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.